Remarks 



Claims 1 to 24 remain in the application. Claims 1 to 24 are rejected. Claims 1 and 
17 have been amended. 

Claim Rejections - 35 USC § 102 

Claims 1-24 are rejected under 35 U.S.C. 102(e) as being anticipated by Langford 
et al. (U.S. Patent Number 6,470,450). 

Applicant has amended claim 1 at step a) and at step b). The proposed amendment 
to step a) is intended to clarify the expression "received trusted hash value." In particular, 
the "received trusted hash value" is a value that is expected when a predetermined hashing 
process is applied to "predetermined data stored in memory within the computer system for 
a trusted state of executable programs in execution within the computer system if an 
unauthorized executable program is other than resident in the computer system." 
Accordingly, the trusted state of executable programs (note the plural form of the term 
"programs") in execution within the computer system is a state that occurs when only 
authorized programs are in execution. When in a trusted state, the number of authorized 
programs that are in execution is immaterial, but every program that is in execution must 
be authorized. Since the predetermined data relates to all of the executable programs that 
are in execution at a given time, then every time the computer system is in a same trusted 
state (same authorized programs are in execution) the predetermined data is similar and the 
predetermined hashing process is expected to return a substantially same value, at least to 
within known limits. Accordingly, the "received trusted hash value" is a value that is 
indicative of the computer system having only authorized programs in execution thereon. 

The amendment to step b) is intended to more clearly define that "the data stored in 
memory within the computer system" is hashed "using the predetermined hashing process 
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to determine a computed hash value for a current state of executable programs in execution 
within the computer system ." Accordingly, a computed hash value is determined for a 
current state of executable programs, which includes all executable programs in execution 
within the computer system. 

Applicant respectfully submits that Langford does not teach each and every feature 
of the instant invention in as complete detail as is recited at amended claim 1. Langford 
does not teach determining a computed hash value for a current state of executable 
programs in execution within the computer system as is recited at step b). Rather, 
Langford teaches determining a hash value of a requesting application, or other 
executable file data, relating to the requesting application. The amendment to step b) is 
believed to distinguish claim 1 over the teachings of Langford in that the computed hash 
value relates to the executable programs (plural form) in execution within the computer 
system and not merely a requesting application. Furthermore, Langford merely teaches 
checking whether a computed hash value of the executable file data matches the 
corresponding stored unique application verification data. There is no teaching of 
receiving a trusted hash value relating to predetermined data stored in memory within the 
computer system for a trusted state of executable programs in execution within the 
computer system if an unauthorized executable program is other than resident in the 
computer system. The amendment to step a) is believed to further distinguish claim 1 over 
the teachings of Langford in that the received trusted hash value relates to the executable 
programs (plural) in execution for a trusted state, whereas Langford teaches stored unique 
application verification data relating to a requesting application (e.g. a single application 
that is actually making a request for security data). 

Accordingly, Applicant respectfully submits that amended claim 1 is in proper 
condition for allowance. Favourable consideration is kindly requested. 

Claims 2 through 16 depend either directly or indirectly from believed allowable 
amended claim 1 and are also believed to be in proper condition for allowance. Favourable 
consideration is kindly requested. 
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Applicant has amended claim 17 to recite "wherein the predetermined data relates 
to programs in execution on the processor of the computer system when the computer 
system is in a known secure state ." Langford merely teaches hashing executable file data 
relating to a requesting program, not hashing predetermined data relating to programs 
(plural form of the tern "programs" is used) in execution on the processor of the computer 
system when the computer system is in a known secure state. In particular, Langford 
teaches hashing data relating only to a single program on a per application basis. This 
hashing appears to be done by a trusted authority, and therefore may not relate to a known 
secure state of the computer system. In any event, the hashed executable file data relating 
to a requesting program is indicative only of an authenticity of the requesting program, and 
is not indicative of a trusted state of the computer system as a whole. Accordingly, the 
method disclosed by Langford is suitable only for detecting a presence of an unauthorized 
requesting program, and is not suitable for detecting a presence of unauthorized programs 
interposed between a security application and an authorized requesting program. The 
proposed amendment is believed to distinguish claim 17 over Langford in that according to 
claim 17, the predetermined data that is hashed is data relating to programs that are in 
execution on the processor of the computer system specifically when the computer system 
is in a known secure state, and not merely to an application on a per application basis when 
the computer system is in an unknown state. 

Accordingly, Applicant respectfully submits that amended claim 17 is in proper 
condition for allowance. Favourable consideration is kindly requested. 

Claims 18 through 24 depend either directly or indirectly from believed allowable 
amended claim 17 and are also believed to be in proper condition for allowance. 
Favourable consideration is kindly requested. 

Applicant requests favourable reconsideration of the amended application. No new 
matter has been added. 
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Please charge any additional fees required or credit any overpayment to 
Deposit Account No. 50-1142. 



Respectfully, 




Gordon Freedman, Reg. No. 41,553 

Freedman and Associates 

1 17 Centrepointe Drive, Suite 350 

Nepean, Ontario 

K2G 5X3 Canada 

MW/sah 



Tel (613)274-7272 
Fax (613) 274-7414 
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